Lisabella | 27.08.2015 22:00 | so, hier einmal das Anwendungsprotokoll von mbam: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 27.08.2015
Suchlaufzeit: 22:17
Protokolldatei: mbm.txt
Administrator: Ja
Version: 2.1.8.1057
Malware-Datenbank: v2015.08.27.04
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Lisa
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 411194
Abgelaufene Zeit: 16 Min., 14 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 18
PUP.Optional.BrowseMark.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64, In Quarantäne, [ede332db6823a5916b2bf59c19ecb64a],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc.1, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.mysearchdialESrvc, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc.1, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.mysearchdialESrvc.1, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, In Quarantäne, [2ba5a7662e5d52e4cc5e326c010151af],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, In Quarantäne, [2ba5a7662e5d52e4cc5e326c010151af],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [89477e8f1e6dab8b6685356cb450956b],
PUP.Optional.InstallCore.C, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\InstallCore, In Quarantäne, [a030927b29622f07d63b159890746799],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\mysearchdial.com, In Quarantäne, [ca0627e6acdf0c2afc0788f4b84ced13],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [c60a6f9ef69549ed5c8e2a779f65d927],
Registrierungswerte: 10
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=, In Quarantäne, [89477e8f1e6dab8b6685356cb450956b]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=, In Quarantäne, [60700a03701b61d56289dcc56d97b14f]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FaviconPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico, In Quarantäne, [3c94dd30a4e7211502e9dfc221e336ca]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Mysearchdial, In Quarantäne, [2aa6d03d2f5cba7ce902abf62ada8080]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Mysearchdial, In Quarantäne, [3799fd103b507eb89853505164a04bb5]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=, In Quarantäne, [c60a6f9ef69549ed5c8e2a779f65d927]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=, In Quarantäne, [676949c46a212e08b53540618f750df3]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FaviconPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico, In Quarantäne, [567a31dc6427af8706e4c9d8d62ec739]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Mysearchdial, In Quarantäne, [b31d59b49eed2412a347dbc67e8634cc]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Mysearchdial, In Quarantäne, [8c44d13ccbc0cd696486dfc20ff5f30d]
Registrierungsdaten: 1
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=, Gut: (www.google.com), Schlecht: (hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=),Ersetzt,[9a36e22b3b50d4629debaab1a95cc23e]
Ordner: 0
(keine bösartigen Elemente erkannt)
Dateien: 66
PUP.Optional.BrowseMark.A, C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64.sys, Löschen bei Neustart, [ede332db6823a5916b2bf59c19ecb64a],
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\searchplugins\Mysearchdial.xml, In Quarantäne, [e4ec16f7028921158f683929e61dc739],
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.AL", 2);), Ersetzt,[953b14f93e4d9a9c02ddff97a75e847c]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ser Preferences
/* Do not edit this file.
*
* If y), Ersetzt,[3a96d13c1f6c5bdbe5fafe9811f4738d]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (s
/* Do not edit this file.
*
* If you make changes to this file while the app), Ersetzt,[319f9776ec9f6acc56895c3a5baa9769]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (e.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-t), Ersetzt,[8d43b459ee9d45f19b441f77a461b64a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (adfind.flashBar", 0);
user_pref("app.update.last), Ersetzt,[0cc43ad31b7038fe03dc30667b8a9868]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (eferences
/* Do not edit this file.
*
* If you), Ersetzt,[0ac653baafdcf442835cafe753b25da3]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ences
/* Do not edit this file.
*
* If you), Ersetzt,[0dc36aa339527db9cc133462798cab55]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (eferences
/* Do not edit this file.
*
* If yo), Ersetzt,[0cc420ed325964d22bb45343ba4bd22e]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (rences
/* Do not edit this file.
*
* If you), Ersetzt,[58789875d4b74de935aa098dfc09f60a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1440706795);
user_pref("app.update.lastUpdateTime.background-update-timer", 1440706555);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1440706675);
user_pref("app.update.lastUpdateTime.browser-cleanup-thumbna), Ersetzt,[08c8f51822690d29b827c1d5887dbc44]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: ("app.update.lastUpdateTime.browser-cleanup-thumbnail), Ersetzt,[854b63aad5b63600d807ade9f41153ad]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (rences
/* Do not edit this file.
*
* If you make changes to this file whi), Ersetzt,[9a3610fdfa91d95d1cc30a8ca65fa65a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (s file.
*
* If you make changes to this file), Ersetzt,[19b7a06dcac16ccaae3122743bcaa15f]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (references
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1440706795);
user_pref("app.u), Ersetzt,[f1df937acbc043f3429da8ee62a3dc24]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (nd-update-timer", 1440706795);
user_pref("app.update.lastUp), Ersetzt,[f3dd8b82ef9c35019f40d9bd2dd8ee12]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
*
* If you make changes), Ersetzt,[e6ea0805b6d54fe7a639890d17eedb25]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ces
/* Do not edit this file.
*
* If you make chang), Ersetzt,[834dd33ab3d86acc31aef1a5b25334cc]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1440706795);
user_pref("app.update.la), Ersetzt,[a62a60ad8ffcbe78fbe452440500fc04]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ound-update-timer", 1440706795);
user_pref("app.update.lastUpdateTi), Ersetzt,[29a712fbf794092d66799df97392669a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1440706795);
user_pref("app.update.lastUpdateTime.b), Ersetzt,[7a56000d2d5ee452d10ec6d0b2537f81]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (-update-timer", 1440706795);
user_pref("app.update.lastUpdateTime.background-update-timer", 1440706555);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 144070), Ersetzt,[9937ff0ef09bdc5a4798346229dca35d]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: ( overwritten when the application exits.
*
* To make a ), Ersetzt,[00d02de074178babf3ecd7bfe91c42be]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
*
* If you make changes to t), Ersetzt,[3898f419800bcb6b4c931f7724e1b64a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
*
* If you make c), Ersetzt,[329eb4592962a393b52a5244709522de]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (references
/* Do not edit this file.
*
* If you make cha), Ersetzt,[0ac6739a414a78be00dfb3e343c2e51b]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (* Do not edit this file.
*
* If you make changes), Ersetzt,[23adba53f4976bcbb62910863fc614ec]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (rences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1440706795);
user_pref("app.update.lastU), Ersetzt,[0dc367a6d6b51224815e0d8909fca45c]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (te-timer", 1440706795);
user_pref("app.update.lastUpd), Ersetzt,[923eb4596c1f979f7669ebab12f3c43c]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (nces
/* Do not edit this file.
*
* If you make c), Ersetzt,[ddf3a964701bef479c432274996c4eb2]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ces
/* Do not edit this file.
*
* If you make ), Ersetzt,[ede3cf3e206bed49e0ff4d49c83dc43c]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ences
/* Do not edit this file.
*
* If you make ), Ersetzt,[d9f7bd50d0bb76c0ca153c5a12f354ac]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ces
/* Do not edit this file.
*
* If you make changes to th), Ersetzt,[4d83e02d810a013548971d7957ae7090]
PUP.Optional.MySearch.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (user_pref("extensions.irmysearch.aflt", "ir_14_17_ff");), Ersetzt,[854baf5eee9d1c1ad5055145c93cf30d]
PUP.Optional.MySearch.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (.irmysearch.aflt", "ir_14_17_ff");
user_pref("extension), Ersetzt,[557b7499abe06dc9f3e7abebf80dd42c]
PUP.Optional.MySearch.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (irmysearch.aflt", "ir_14_17_ff");
user_pref("exten), Ersetzt,[1cb4e8253d4e9c9a1dbd2472e2238c74]
PUP.Optional.MySearch.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.instlRef", "140305_a");
user_pref("extensions.irmysearch.cr", "740414686");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0A), Ersetzt,[59776e9faae16dc94b8feaacfe0719e7]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpg", true);), Ersetzt,[10c0a667bbd0a294fbe52d69b94c649c]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (xtensions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.instlRef", "140305_a");
user_pref("extensions.irmysearch.cr", "740414686");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qz), Ersetzt,[ac24ac61ccbf73c3855ba0f645c011ef]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (GyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2St), Ersetzt,[f9d7cc41b8d353e328b8fd9965a0c33d]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (sions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.), Ersetzt,[a42caf5e177445f110d0524465a07a86]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (earch.aflt", "ir_14_17_ff");
user_pref("extension), Ersetzt,[fbd548c5494213236080b4e2b74eb64a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ensions.irmysearch.aflt", "ir_14_17_ff");
user_pref(), Ersetzt,[68682fde404b2a0c914f0a8c0bfae719]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.instlRef", "140305_a");
user_pref("extensions.irmysearch.cr", "740414686");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD), Ersetzt,[b7194bc2b9d26cca5f818c0ab550a35d]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (EyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q");
user_pref("extensions.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0), Ersetzt,[27a9f815e1aad75fd0109105dd285da3]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (tDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyC), Ersetzt,[0cc4e528f695f73fe5fb692d65a009f7]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (mysearch.aflt", "ir_14_17_ff");
user_pref("extensions.), Ersetzt,[2ea24dc0612af640b42ca3f3d62fde22]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ns.irmysearch.aflt", "ir_14_17_ff");
user_pref("exten), Ersetzt,[99373dd0800bd0664e9236604cb9718f]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ons.irmysearch.aflt", "ir_14_17_ff");
user_pref("exten), Ersetzt,[b818a964652643f34997eda933d2aa56]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ns.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmyse), Ersetzt,[cc040508b2d9cc6ac719b6e012f3ef11]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.i), Ersetzt,[eae6917ca7e4d660b62ad1c564a1e020]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmys), Ersetzt,[973925e80c7f16201bc57c1a3cc9a65a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (rmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.i), Ersetzt,[498711fcc0cb89ad39a76e28c04544bc]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensio), Ersetzt,[00d0f81586057fb7a33d8d09ed18c63a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ns.irmysearch.aflt", "ir_14_17_ff");
user_pref("ext), Ersetzt,[5d7374997d0e5cda2cb48d0942c31be5]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (sions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extens), Ersetzt,[9a36808dc0cb62d4815f4056cb3adb25]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (irmysearch.aflt", "ir_14_17_ff");
user_pref("ext), Ersetzt,[be121af35c2f6acca0408b0b29dccb35]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (tensions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.instlRef), Ersetzt,[bd13bc515e2dc175469ab0e6d23333cd]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (_ff");
user_pref("extensions.irmysearch.instlRef", ), Ersetzt,[daf6cf3e6e1dfd39d907247201043bc5]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (sions.irmysearch.aflt", "ir_14_17_ff");
user_pref("e), Ersetzt,[537dd835593200364e92c3d31beaec14]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.instlRef", "140305_a");
user_pref("extensions.irmysearch.cr", "740414686");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtB), Ersetzt,[814f5eaf246772c44d93286e46bfa65a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (D1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyD), Ersetzt,[587832dba1ea62d4d40c5c3aba4bbc44]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=");), Ersetzt,[9838c7466a2169cd06dbd7bff80d0cf4]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=");
user_), Ersetzt,[fed2bc5146457db9964b50469570a35d]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (tBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q");
user_pref("extensions.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1T), Ersetzt,[834d0904ff8cac8acf1265310cf940c0]
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) so, hier einmal das Anwendungsprotokoll von mbam: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 27.08.2015
Suchlaufzeit: 22:17
Protokolldatei: mbm.txt
Administrator: Ja
Version: 2.1.8.1057
Malware-Datenbank: v2015.08.27.04
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Lisa
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 411194
Abgelaufene Zeit: 16 Min., 14 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 18
PUP.Optional.BrowseMark.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64, In Quarantäne, [ede332db6823a5916b2bf59c19ecb64a],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc.1, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.mysearchdialESrvc, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc.1, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.mysearchdialESrvc.1, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, In Quarantäne, [4a86a7661c6f4aec898c14c1a75bfd03],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, In Quarantäne, [2ba5a7662e5d52e4cc5e326c010151af],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, In Quarantäne, [2ba5a7662e5d52e4cc5e326c010151af],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [89477e8f1e6dab8b6685356cb450956b],
PUP.Optional.InstallCore.C, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\InstallCore, In Quarantäne, [a030927b29622f07d63b159890746799],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\mysearchdial.com, In Quarantäne, [ca0627e6acdf0c2afc0788f4b84ced13],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [c60a6f9ef69549ed5c8e2a779f65d927],
Registrierungswerte: 10
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=, In Quarantäne, [89477e8f1e6dab8b6685356cb450956b]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=, In Quarantäne, [60700a03701b61d56289dcc56d97b14f]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FaviconPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico, In Quarantäne, [3c94dd30a4e7211502e9dfc221e336ca]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Mysearchdial, In Quarantäne, [2aa6d03d2f5cba7ce902abf62ada8080]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Mysearchdial, In Quarantäne, [3799fd103b507eb89853505164a04bb5]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=, In Quarantäne, [c60a6f9ef69549ed5c8e2a779f65d927]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=, In Quarantäne, [676949c46a212e08b53540618f750df3]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FaviconPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico, In Quarantäne, [567a31dc6427af8706e4c9d8d62ec739]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Mysearchdial, In Quarantäne, [b31d59b49eed2412a347dbc67e8634cc]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-166558827-3929483075-2266271292-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Mysearchdial, In Quarantäne, [8c44d13ccbc0cd696486dfc20ff5f30d]
Registrierungsdaten: 1
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=, Gut: (www.google.com), Schlecht: (hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=),Ersetzt,[9a36e22b3b50d4629debaab1a95cc23e]
Ordner: 0
(keine bösartigen Elemente erkannt)
Dateien: 66
PUP.Optional.BrowseMark.A, C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64.sys, Löschen bei Neustart, [ede332db6823a5916b2bf59c19ecb64a],
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\searchplugins\Mysearchdial.xml, In Quarantäne, [e4ec16f7028921158f683929e61dc739],
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.AL", 2);), Ersetzt,[953b14f93e4d9a9c02ddff97a75e847c]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ser Preferences
/* Do not edit this file.
*
* If y), Ersetzt,[3a96d13c1f6c5bdbe5fafe9811f4738d]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (s
/* Do not edit this file.
*
* If you make changes to this file while the app), Ersetzt,[319f9776ec9f6acc56895c3a5baa9769]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (e.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-t), Ersetzt,[8d43b459ee9d45f19b441f77a461b64a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (adfind.flashBar", 0);
user_pref("app.update.last), Ersetzt,[0cc43ad31b7038fe03dc30667b8a9868]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (eferences
/* Do not edit this file.
*
* If you), Ersetzt,[0ac653baafdcf442835cafe753b25da3]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ences
/* Do not edit this file.
*
* If you), Ersetzt,[0dc36aa339527db9cc133462798cab55]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (eferences
/* Do not edit this file.
*
* If yo), Ersetzt,[0cc420ed325964d22bb45343ba4bd22e]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (rences
/* Do not edit this file.
*
* If you), Ersetzt,[58789875d4b74de935aa098dfc09f60a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1440706795);
user_pref("app.update.lastUpdateTime.background-update-timer", 1440706555);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1440706675);
user_pref("app.update.lastUpdateTime.browser-cleanup-thumbna), Ersetzt,[08c8f51822690d29b827c1d5887dbc44]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: ("app.update.lastUpdateTime.browser-cleanup-thumbnail), Ersetzt,[854b63aad5b63600d807ade9f41153ad]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (rences
/* Do not edit this file.
*
* If you make changes to this file whi), Ersetzt,[9a3610fdfa91d95d1cc30a8ca65fa65a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (s file.
*
* If you make changes to this file), Ersetzt,[19b7a06dcac16ccaae3122743bcaa15f]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (references
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1440706795);
user_pref("app.u), Ersetzt,[f1df937acbc043f3429da8ee62a3dc24]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (nd-update-timer", 1440706795);
user_pref("app.update.lastUp), Ersetzt,[f3dd8b82ef9c35019f40d9bd2dd8ee12]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
*
* If you make changes), Ersetzt,[e6ea0805b6d54fe7a639890d17eedb25]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ces
/* Do not edit this file.
*
* If you make chang), Ersetzt,[834dd33ab3d86acc31aef1a5b25334cc]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1440706795);
user_pref("app.update.la), Ersetzt,[a62a60ad8ffcbe78fbe452440500fc04]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ound-update-timer", 1440706795);
user_pref("app.update.lastUpdateTi), Ersetzt,[29a712fbf794092d66799df97392669a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1440706795);
user_pref("app.update.lastUpdateTime.b), Ersetzt,[7a56000d2d5ee452d10ec6d0b2537f81]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (-update-timer", 1440706795);
user_pref("app.update.lastUpdateTime.background-update-timer", 1440706555);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 144070), Ersetzt,[9937ff0ef09bdc5a4798346229dca35d]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: ( overwritten when the application exits.
*
* To make a ), Ersetzt,[00d02de074178babf3ecd7bfe91c42be]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
*
* If you make changes to t), Ersetzt,[3898f419800bcb6b4c931f7724e1b64a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
*
* If you make c), Ersetzt,[329eb4592962a393b52a5244709522de]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (references
/* Do not edit this file.
*
* If you make cha), Ersetzt,[0ac6739a414a78be00dfb3e343c2e51b]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (* Do not edit this file.
*
* If you make changes), Ersetzt,[23adba53f4976bcbb62910863fc614ec]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (rences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1440706795);
user_pref("app.update.lastU), Ersetzt,[0dc367a6d6b51224815e0d8909fca45c]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (te-timer", 1440706795);
user_pref("app.update.lastUpd), Ersetzt,[923eb4596c1f979f7669ebab12f3c43c]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (nces
/* Do not edit this file.
*
* If you make c), Ersetzt,[ddf3a964701bef479c432274996c4eb2]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ces
/* Do not edit this file.
*
* If you make ), Ersetzt,[ede3cf3e206bed49e0ff4d49c83dc43c]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ences
/* Do not edit this file.
*
* If you make ), Ersetzt,[d9f7bd50d0bb76c0ca153c5a12f354ac]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js, Gut: (), Schlecht: (ces
/* Do not edit this file.
*
* If you make changes to th), Ersetzt,[4d83e02d810a013548971d7957ae7090]
PUP.Optional.MySearch.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (user_pref("extensions.irmysearch.aflt", "ir_14_17_ff");), Ersetzt,[854baf5eee9d1c1ad5055145c93cf30d]
PUP.Optional.MySearch.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (.irmysearch.aflt", "ir_14_17_ff");
user_pref("extension), Ersetzt,[557b7499abe06dc9f3e7abebf80dd42c]
PUP.Optional.MySearch.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (irmysearch.aflt", "ir_14_17_ff");
user_pref("exten), Ersetzt,[1cb4e8253d4e9c9a1dbd2472e2238c74]
PUP.Optional.MySearch.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.instlRef", "140305_a");
user_pref("extensions.irmysearch.cr", "740414686");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0A), Ersetzt,[59776e9faae16dc94b8feaacfe0719e7]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpg", true);), Ersetzt,[10c0a667bbd0a294fbe52d69b94c649c]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (xtensions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.instlRef", "140305_a");
user_pref("extensions.irmysearch.cr", "740414686");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qz), Ersetzt,[ac24ac61ccbf73c3855ba0f645c011ef]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (GyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2St), Ersetzt,[f9d7cc41b8d353e328b8fd9965a0c33d]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (sions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.), Ersetzt,[a42caf5e177445f110d0524465a07a86]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (earch.aflt", "ir_14_17_ff");
user_pref("extension), Ersetzt,[fbd548c5494213236080b4e2b74eb64a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ensions.irmysearch.aflt", "ir_14_17_ff");
user_pref(), Ersetzt,[68682fde404b2a0c914f0a8c0bfae719]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.instlRef", "140305_a");
user_pref("extensions.irmysearch.cr", "740414686");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD), Ersetzt,[b7194bc2b9d26cca5f818c0ab550a35d]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (EyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q");
user_pref("extensions.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0), Ersetzt,[27a9f815e1aad75fd0109105dd285da3]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (tDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyC), Ersetzt,[0cc4e528f695f73fe5fb692d65a009f7]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (mysearch.aflt", "ir_14_17_ff");
user_pref("extensions.), Ersetzt,[2ea24dc0612af640b42ca3f3d62fde22]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ns.irmysearch.aflt", "ir_14_17_ff");
user_pref("exten), Ersetzt,[99373dd0800bd0664e9236604cb9718f]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ons.irmysearch.aflt", "ir_14_17_ff");
user_pref("exten), Ersetzt,[b818a964652643f34997eda933d2aa56]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ns.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmyse), Ersetzt,[cc040508b2d9cc6ac719b6e012f3ef11]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.i), Ersetzt,[eae6917ca7e4d660b62ad1c564a1e020]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmys), Ersetzt,[973925e80c7f16201bc57c1a3cc9a65a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (rmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.i), Ersetzt,[498711fcc0cb89ad39a76e28c04544bc]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensio), Ersetzt,[00d0f81586057fb7a33d8d09ed18c63a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ns.irmysearch.aflt", "ir_14_17_ff");
user_pref("ext), Ersetzt,[5d7374997d0e5cda2cb48d0942c31be5]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (sions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extens), Ersetzt,[9a36808dc0cb62d4815f4056cb3adb25]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (irmysearch.aflt", "ir_14_17_ff");
user_pref("ext), Ersetzt,[be121af35c2f6acca0408b0b29dccb35]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (tensions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.instlRef), Ersetzt,[bd13bc515e2dc175469ab0e6d23333cd]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (_ff");
user_pref("extensions.irmysearch.instlRef", ), Ersetzt,[daf6cf3e6e1dfd39d907247201043bc5]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (sions.irmysearch.aflt", "ir_14_17_ff");
user_pref("e), Ersetzt,[537dd835593200364e92c3d31beaec14]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (ions.irmysearch.aflt", "ir_14_17_ff");
user_pref("extensions.irmysearch.instlRef", "140305_a");
user_pref("extensions.irmysearch.cr", "740414686");
user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtB), Ersetzt,[814f5eaf246772c44d93286e46bfa65a]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (D1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyD), Ersetzt,[587832dba1ea62d4d40c5c3aba4bbc44]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=");), Ersetzt,[9838c7466a2169cd06dbd7bff80d0cf4]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtDyBtBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q&cr=740414686&ir=");
user_), Ersetzt,[fed2bc5146457db9964b50469570a35d]
PUP.Optional.MySearchDial.A, C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js, Gut: (), Schlecht: (tBtCyBtCyDtG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtGyEyCyDtDyCzytDtAyB0B0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtD0D0BtBtAyCyCtGzz0BzztCtGzyyDtB0BtGyBzzzzyEtGyE0FtC0AyE0A0CyEtAtDyBtC2Q");
user_pref("extensions.mysearchdial.hmpg", true);
user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1T), Ersetzt,[834d0904ff8cac8acf1265310cf940c0]
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) hier die logdatei von adwcleaner: Code:
# AdwCleaner v5.004 - Bericht erstellt 27/08/2015 um 22:46:55
# Aktualisiert 26/08/2015 von Xplode
# Datenbank : 2015-08-25.1 [Server]
# Betriebssystem : Windows 10 Pro (x64)
# Benutzername : Lisa - LISA
# Gestarted von : C:\Users\Lisa\Downloads\AdwCleaner_5.004.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
***** [ Internetbrowser ] *****
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Mysearchdial");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.aflt", "ir_14_17_ff");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDytG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtAtD0D0BtBtAyCyCtGzz0Bzz[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.cr", "740414686");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_a");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.AL", 2);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.aflt", "ir_14_17_ff");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDytG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtAtD0D0BtBtAyCyCtGzz0B[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.cntry", "DE");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.cr", "740414686");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.hdrMd5", "199817254CCF0E0692D91E14E0594F0F");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtD[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.id", "362387EBC053F15C");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.instlDay", "16183");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.instlRef", "140305_a");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtA[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.29.021:18:17");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyE[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"95\",\"lastVrsn\":\"95\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.sg", "none");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutC[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.021:18:17");
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8669 Bytes] ########## hier die logdatei von adwcleaner: Code:
# AdwCleaner v5.004 - Bericht erstellt 27/08/2015 um 22:46:55
# Aktualisiert 26/08/2015 von Xplode
# Datenbank : 2015-08-25.1 [Server]
# Betriebssystem : Windows 10 Pro (x64)
# Benutzername : Lisa - LISA
# Gestarted von : C:\Users\Lisa\Downloads\AdwCleaner_5.004.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\user.js
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
***** [ Internetbrowser ] *****
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Mysearchdial");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.aflt", "ir_14_17_ff");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDytG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtAtD0D0BtBtAyCyCtGzz0Bzz[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.cr", "740414686");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_a");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.AL", 2);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.aflt", "ir_14_17_ff");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDytG0F0D0AtBtG0E0C0EtBtG0EyD0CyEtAtD0D0BtBtAyCyCtGzz0B[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.cntry", "DE");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.cr", "740414686");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.hdrMd5", "199817254CCF0E0692D91E14E0594F0F");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtD[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.id", "362387EBC053F15C");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.instlDay", "16183");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.instlRef", "140305_a");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.lastB", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtA[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.29.021:18:17");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyE[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"95\",\"lastVrsn\":\"95\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.sg", "none");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=ir_14_17_ff&cd=2XzuyEtN2Y1L1QzutAyCtBtAzzyB0E0B0CtDyDtA0FtCyD0CtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutC[...]
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
[-] [C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\enoafh08.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.021:18:17");
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8669 Bytes] ########## und hier die junkware: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.8 (08.24.2015:1)
OS: Windows 10 Pro x64
Ran by Lisa on 27.08.2015 at 22:53:46,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\enoafh08.default\minidumps [1 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.08.2015 at 22:56:13,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |